Posts tagged Flaw

It can't have escaped your attention that security experts have declared open season on Apple products over the last few weeks. At San Francisco's RSA conference, an even more terrifying exploit has been revealed that has the power to send your iPhone or iPad into a perpetual restart loop. Mobile...

Folks buy the highly secure Blackphone handset for the warm and fuzzy feeling that nobody can see their stuff, but that trust was misplaced until recently, according to security expert Mark Dowd. He found a vulnerability in the text message application of the phone that let attackers steal message...

A day after Google publicized a flaw in Windows 8.1 before Microsoft could do anything about it, news broke about a security vulnerability in Android that the Mountain View company, well, won't fix at all. Rafay Baloch, an independent researcher, and Joe Vennix, an engineer at Rapid7 (a security a...

When the world's biggest technology companies start playing rough with each other, it's normally consumers who wind up suffering. This time out, it's Windows users who are feeling the pain after Google publicly posted the details of a Windows 8.1 flaw before Microsoft could fix it. In a public res...

Did your Twitter app suddenly give you the boot or otherwise behave strangely? It's not just you. The social network has confirmed a sign-in problem that's kicking out hordes of users (so far, mostly on Android) and preventing them from logging back in. Also, TweetDeck on the desktop is listing ev...

A critical security issue in the network time protocol (NTP) has prompted Apple to push an automatic OS X update to users for the first time. Google researchers discovered the flaw which could allow a remote attacker to "send a carefully crafted packet that can overflow a stack buffer and allow ma...

Yet another critical security flaw has been found for Adobe's notoriously sieve-like Flash plug-in, this time by Google Engineer Michele Spagnuolo. His exploit tool, called "Rosetta Flash" is just a proof of concept, but could allow hackers to steal your cookies and other data using malicious Flas...

If you've shared a Dropbox document recently, but your intended recipients are complaining that the link is bust, then here's the likely reason: The cloud storage service has been forced to sever many shared links after realizing, perhaps a bit late in the day, that they contained an inherent secu...

The recent Heartbleed scare caused a huge stir, even though it was effectively fixed before it even happened. There are other sorts of security holes, however, which can't be plugged so readily, and which affected companies therefore have less incentive to publicize. A researcher in Singapore, Wan...

The United States National Security Security Agency reportedly used the recently uncovered "Heartbleed" security exploit to access information, Bloomberg reports. According to two unnamed sources, the NSA exploited the flawed security standard for the past two years without alerting affected compa...

Read our Heartbleed defense primer? Good, but the fight for your privacy isn't over just yet: you might have to replace your router, too. Cisco Systems and Juniper Networks have announced that the Heartbleed bug -- a flaw in OpenSSL that lets attackers bypass common security protocols -- has been...

Don't change your password. It's strange advice to hear when the so-called Heartbleed bug is leaving databases all over the web open and exposed, but it's applicable. Yes, security has been compromised for many of your favorite websites and services (including Google, Flickr and Steam, at least in...